Experts argue context matters in healthcare IT security

Share

Protecting sensitive health data and patient records is a challenging task for infosec teams. In a large hospital, for example, multiple users have access to patient data in the electronic health records system (EHR). How do you tell if any of these users is accessing the system with some hidden agenda, such as trying to steal information?

It's important for the industry to move beyond "statistical anomaly detection" (i.e., the count of accesses to the system) and focus on "the context of the access," said Daniel Fabbri, assistant professor, biomedical informatics and computer science, at Vanderbilt University, and founder and CEO of Maize Analytics. “Moreover, there are tons of timing eccentricities to consider in healthcare that must be thought through. For example, a doctor sees a patient but does not write a note until 24 hours later.”

EHRs generally have an open environment so that employees can access any patient’s data after logging into the system. As such, role-based access controls are limited.

“Further, employees are mostly well behaved,” Prof. Fabbri said. “Thus, occasional inappropriate accesses, snooping or identity theft, for example, are buried among normal treatment operations. Unlike other environments that treat a user as exclusively bad or good, in healthcare the user can be both good and bad on a single day.”

With these factors in mind, security approaches that look at the access login isolation, without clinical context, can only detect a few types of threats, and may even miss breaches, the professor explained.

“Other statistical anomaly detection systems attempt to identify ‘normal’ access patterns, and then alert on outliers,” he said. “The major challenge here is defining what is normal given the extremely dynamic nature of patient care, consultation services and constantly rotating clinical staff.”

One well-defined way to capture normal or appropriate behaviour is to understand the clinical or operational reason why an access occurs. If there is a reason for the user to access a patient’s record, then the access is likely appropriate.

The clinical context necessary to make such a decision is already stored in the EHR and can be leveraged to infer why most EHR accesses occur. Accessing a patient’s record without a valid reason is suspicious.

“The importance of context-based methods is that they not only tell you if an access is good or bad, but also the reason why, with the evidence for the decision, thus providing transparency rather than a black box,” Prof. Fabbri explained.

patient data, healthcare IT, EHR
Protecting sensitive health data and patient records is a challenging task for infosec teams. In a large hospital, for example, multiple users have access to patient data in the electronic health records system (EHR). How do you tell if any of these users

No comment

Highlighted Products

Key FeaturesWe can provide an impressive range of clinical tools and deliver a remarkable clinical experience. On your PACS, off your PACS, within the surgical suite and beyond, iNtuition ensures your workflow is seamless and your imaging costs are minimized....

We can work across many PACS systems. No matter the size of your organization, iNtuition iReview can help you look across your imaging archives and create a unified interpretation view that’s made just for you. The configurable display protocols and user...

Our iNtuition iEMV viewer can display many types of images. It can even do some pretty amazingly advanced things. As a leader in advanced visualization, you can trust that TeraRecon can deliver impressive capabilities, but we strive to make it simple,...

WHAT YOU SEE IS WHAT YOU GET3D Advanced Visualization is at the core of TeraRecon DNA. We are extending our capability to the 3D printing world with a dedicated image processing workflow to enhance 3D printing outcomes. Printing your model is easier...